The rapidly evolving threats and defenses within the OT cybersecurity space are creating a landscape that is quickly and continuously changing. To understand the current priorities and barriers for OT/ICS security practitioners and executives at industrial companies, we conducted proprietary research during October 2021 to May 2022, surveying 101 members of the OT cybersecurity community. This survey is intended to be a snapshot of the current landscape, as well as a look forward to what might come next.
Overall, organizations are focused on solving very specific gaps and overlaps across OT security, while trying to better integrate with big picture IT security strategies and goals. The only way this happens is through the continued close cooperation on both sides of the OT perimeter. Our report suggests that, even with challenges coming from all directions, this critical collaboration is already shaping the future. We'll break down three key takeaways from the data we collected here.
1. A need for flexibility in tools and governance
The unique constraints of OT environments demand multiple paths to both security and compliance. We found that teams are deploying multiple platforms and solutions to safeguard their control environments, layering passive and manual collection tools with other solutions. We also saw a broad distribution of governance models, with organizations splitting nearly evenly between being led by IT, OT, or via shared responsibility.
When we asked respondents about who controlled the OT cybersecurity budget, 38% indicated that either IT or theCISO team controlled OT security budget decisions. We then see a virtual tie for second place between control by the OT team (29%) or shared control by both sides of the organization (28%).
2. Continuing worries about staff and skills shortages
When asked about barriers to success, people-adjacent challenges outpaced technology-centered problems. Organizations need both larger staff and additional capabilities.
When asked about barriers to OT security success, lack of in-house expertise came in second only to budget. While one or two member OT teams are still the most prevalent, most respondents indicated they were growing their OT security headcount in 2022.
3. A delicate balance between security and compliance
Teams are trying to keep pace with both attackers and regulators. When we asked about what was driving risk strategy, concern over meeting government regulation barely topped fear of an attack. As compliance frameworks multiply and lawmakers begin to take OT threats more seriously, operational guidance is getting tighter.
The top drivers of strategy were still overwhelmingly external. Most respondents (39%) were focused on meeting government regulations, while 35% were motivated by fear of the attacks themselves. Internally, champions for better OT were seen as prime movers by 15% of our survey. Competitive concerns and attempts to reduce cyber insurance both captured about 3% of the answer.
Aside from these three key takeaways, this research report also dives deeper into what drives risk assessment, how OT security practitioners are collecting OT data strategies for vulnerability management, and more.
To get deeper insight into what challenges are influencing the choices of today’s OT/ICS cybersecurity practitioners, get your copy of the 2022 State of Operational Technology (OT) Cybersecurity Research Report here.